CVE-2017-2720

Name of the Vulnerable Software and Affected Versions FusionSphere OpenStack version V100R006C00

Description The software has an information exposure issue due to the use of a hard-coded cryptographic key for encrypting messages between certain components. This significantly increases the risk that encrypted data may be recovered, resulting in information exposure.

Recommendations For version V100R006C00, consider updating the cryptographic key to a unique, non-hard-coded value to mitigate the risk of information exposure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.